🎧 AI Can Be Hacked With Sound Humans Can't HearResearchers from China and Singapore
have demonstrated a new kind of attack on voice AI assistants: a malicious command
can be hidden directly inside audio—for example, in a podcast, video, music track, or Zoom call recording. A person hears normal audio, maybe with slight distortion, while the model picks up a hidden instruction.
In tests, these signals caused the AI to ignore the original request, give false answers, insert malicious links, or even
leak personal data.💡 The danger isn't really that some random YouTube video could hack any assistant. For now, this is a research demonstration, and preparing such an attack requires deep access to the model. But the study shows that modern voice AIs
are not very good at telling the difference between direct instructions and audio data meant for analysis.
📱 In tests across
13 models, the attack success rate ranged from
79% to
96%. What's more, attacks developed on open models transferred easily to commercial agents. And standard defenses didn't help much: fine-tuning the model to recognize suspicious commands reduced the attack success rate by only a few percentage points.
Do you use voice to talk to AI?❤️ — Yes, it's more convenient
🔥 — No, text only
@hiaimediaen
Informational material. 18+.
